Jamey Sample | Executive Director at EY

Biography of Jamey SampleExecutive Director at EY

Jamey is a leader in Ernst & Young LLP’s Risk Advisory Services with over 20 years of experience in establishing and operating enterprise security risk management programs. He specializes in integrating security into strategic business planning, business operations and processes, and enterprise risk management.

Most recently, Jamey served as the Chief Information Security Officer (CISO) at Pacific Gas & Electric (PG&E). He was accountable for the governance, oversight, and support of PG&E’s enterprise security and critical infrastructure protection program. He was responsible for overall achievement and compliance with regulatory requirements and identifying, assessing, and prioritizing cybersecurity risk. This included establishing vision; rules, principles, policies and practices; and setting the standard of performance for PG&E.

Prior to PG&E, Jamey served as the CISO for Tennessee Valley Authority and Manager of Information Security at the California Independent System Operator (CAISO). At the CAISO, from 2000-2008 Jamey was accountable for the governance, oversight, and support of the CAISO’s enterprise security program. This includes the development and implementation of controls for the grid related assets including Energy Management System, Outage Management System, Supervisory Control and Data Acquisition (SCADA) systems, Remote Terminal Units, RIGs/DPGs, Phaser Management Systems, and Plant Information (PI) Systems; as well as the market assets including all Scheduling Interfaces, OASIS, Metering System, E-Tag, Automated Dispatch System, and Settlement Systems.

Jamey served in the United States Navy as a Cryptologic Technician where during his last assignment was the Non-Commissioned Officer in Charge of U.S. Commander in Chief Pacific, Intelligence Directorate Systems Engineering and Assistant ISSO.

Jamey serves as a member of the Center for Strategic & International Studies (CSIS) Cyber Policy Task Force that is updating the bipartisan report, Securing Cyberspace for the 44th Presidency, for the 45th Presidency. This report serves as the primary blueprint for Administration policy and congressional legislative reform in the cyber space. The Task Force is co-chaired by Senator Roy Blunt (R-MO), Senator Sheldon Whitehouse (D-RI), James A. Lewis and Sameer Bhalotra. He serves as an Advisor to the Department of Energy, Office of Electricity Delivery and Energy Reliability Research and Development Division, on various grant projects. Currently serving as an advisor on the PNNL – Enabling Situation Assessment/Awareness for Utility Operators and Cybersecurity Professionals project. Jamey also serves on the Bay Area Council Cybersecurity Committee.

Jamey has been a member of Department of Energy Risk Management Process and Cybersecurity Capability Maturity Model (C2M2); NERC CIP 002-009 Standard drafting team; was a WECC nominated and voting regional member on NERC CIPC for 7 consecutive years; was nominated and served on NERC CIPC Executive Committee for two years; served on the WECC Physical Security Working Group (PSWG); NERC – Joint Product – Remote Access Attacks; IEC Technical Committee 57 Work Group 15; SERC Critical Infrastructure Protection Committee and was a member of and served as Chair of the ISO/RTO Security Working Group and the NERC Standard Project 2010-15 Secure Interactive Remote Access Drafting Team.

In 2014 Jamey was a finalist for the SC Magazine Award, CSO of the Year.

Jamey assisted in the development of the Global Industrial Cybersecurity Professional (GICSO) Certification. This certification establishes a base level of knowledge and understanding for the diverse set of professionals who engineer, operate, secure, and/or support control systems and share responsibility for the security of these environments.